Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Master the Certified Ethical Hacker (CEH) CEH-001 Exam with Confidence!

Questions 141

Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It also provides devices, which would otherwise be unable to communicate a means to notify administrators of problems or performance.

CEH-001 Question 141

What default port Syslog daemon listens on?

Options:

A.

242

B.

312

C.

416

D.

514

Buy Now
Questions 142

Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company 's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website.

Where can Stephanie go to see past versions and pages of a website?

Options:

A.

She should go to the web page Samspade.org to see web pages that might no longer be on the website

B.

If Stephanie navigates to Search.com; she will see old versions of the company website

C.

Stephanie can go to Archive.org to see past versions of the company website

D.

AddressPast.com would have any web pages that are no longer hosted on the company's website

Buy Now
Questions 143

Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor.

Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on.

Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them.

What technique has Jason most likely used?

Options:

A.

Stealth Rootkit Technique

B.

ADS Streams Technique

C.

Snow Hiding Technique

D.

Image Steganography Technique

Buy Now
Questions 144

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

Options:

A.

Install patches

B.

Setup a backdoor

C.

Install a zombie for DDOS

D.

Cover your tracks

Buy Now
Questions 145

What port number is used by Kerberos protocol?

Options:

A.

88

B.

44

C.

487

D.

419

Buy Now
Questions 146

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

Options:

A.

It works because encryption is performed at the application layer (single encryption key)

B.

The scenario is invalid as a secure cookie cannot be replayed

C.

It works because encryption is performed at the network layer (layer 1 encryption)

D.

Any cookie can be replayed irrespective of the session status

Buy Now
Questions 147

Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet. He has also read that when an organization deploys a web application, they invite the world to send HTTP requests. Attacks buried in these requests sail past firewalls, filters, platform hardening, SSL, and IDS without notice because they are inside legal HTTP requests. Bret is determined to weed out vulnerabilities.

What are some of the common vulnerabilities in web applications that he should be concerned about?

Options:

A.

Non-validated parameters, broken access control, broken account and session management, cross-site scripting and buffer overflows are just a few common vulnerabilities

B.

Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities

C.

No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities

D.

No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities

Buy Now
Questions 148

Jayden is a network administrator for her company. Jayden wants to prevent MAC spoofing on all the Cisco switches in the network. How can she accomplish this?

Options:

A.

Jayden can use the commanD. ip binding set.

B.

Jayden can use the commanD. no ip spoofing.

C.

She should use the commanD. no dhcp spoofing.

D.

She can use the commanD. ip dhcp snooping binding.

Buy Now
Questions 149

In TCP communications there are 8 flags; FIN, SYN, RST, PSH, ACK, URG, ECE, CWR. These flags have decimal numbers assigned to them:

FIN = 1

SYN = 2

RST = 4

PSH = 8

ACK = 16

URG = 32

ECE = 64

CWR = 128

Jason is the security administrator of ASPEN Communications. He analyzes some traffic using Wireshark and has enabled the following filters.

CEH-001 Question 149

What is Jason trying to accomplish here?

Options:

A.

SYN, FIN, URG and PSH

B.

SYN, SYN/ACK, ACK

C.

RST, PSH/URG, FIN

D.

ACK, ACK, SYN, URG

Buy Now
Questions 150

CEH-001 Question 150

An attacker finds a web page for a target organization that supplies contact information for the company. Using available details to make the message seem authentic, the attacker drafts e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator.

The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.

Google's Gmail was hacked using this technique and attackers stole source code and sensitive data from Google servers. This is highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites that focused on targeted individuals working for the company.

What is this deadly attack called?

Options:

A.

Spear phishing attack

B.

Trojan server attack

C.

Javelin attack

D.

Social networking attack

Buy Now
Questions 151

How do you defend against Privilege Escalation?

Options:

A.

Use encryption to protect sensitive data

B.

Restrict the interactive logon privileges

C.

Run services as unprivileged accounts

D.

Allow security settings of IE to zero or Low

E.

Run users and applications on the least privileges

Buy Now
Questions 152

In what stage of Virus life does a stealth virus gets activated with the user performing certain actions such as running an infected program?

Options:

A.

Design

B.

Elimination

C.

Incorporation

D.

Replication

E.

Launch

F.

Detection

Buy Now
Questions 153

In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?

Options:

A.

EEP

B.

ESP

C.

EAP

D.

EIP

Buy Now
Questions 154

How do you defend against DHCP Starvation attack?

CEH-001 Question 154

Options:

A.

Enable ARP-Block on the switch

B.

Enable DHCP snooping on the switch

C.

Configure DHCP-BLOCK to 1 on the switch

D.

Install DHCP filters on the switch to block this attack

Buy Now
Questions 155

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization.

CEH-001 Question 155

How would you prevent such type of attacks?

Options:

A.

It is impossible to block these attacks

B.

Hire the people through third-party job agencies who will vet them for you

C.

Conduct thorough background checks before you engage them

D.

Investigate their social networking profiles

Buy Now
Questions 156

Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server.

Which of the following commands extracts the HINFO record?

CEH-001 Question 156

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 157

Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security.

Maintaining the security of a Web server will usually involve the following steps:

1. Configuring, protecting, and analyzing log files

2. Backing up critical information frequently

3. Maintaining a protected authoritative copy of the organization's Web content

4. Establishing and following procedures for recovering from compromise

5. Testing and applying patches in a timely manner

6. Testing security periodically.

In which step would you engage a forensic investigator?

Options:

A.

1

B.

2

C.

3

D.

4

E.

5

F.

6

Buy Now
Questions 158

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

CEH-001 Question 158

What is the risk of installing Fake AntiVirus?

Options:

A.

Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums

B.

Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

C.

Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

D.

Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Buy Now
Questions 159

A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.

Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

CEH-001 Question 159

Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments.

Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.

How do you ensure if the e-mail is authentic and sent from fedex.com?

Options:

A.

Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all

B.

Check the Sender ID against the National Spam Database (NSD)

C.

Fake mail will have spelling/grammatical errors

D.

Fake mail uses extensive images, animation and flash content

Buy Now
Questions 160

Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him ''just to double check our records.'' Jane does not suspect anything amiss, and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password, to steal the cookie recipe. What kind of attack is being illustrated here?

Options:

A.

Reverse Psychology

B.

Reverse Engineering

C.

Social Engineering

D.

Spoofing Identity

E.

Faking Identity

Buy Now